On 10/24/14 9:39 AM, Tom Lane wrote: > Peter, Dave: maybe you have tweaked things to keep listen_addresses > empty and rely only on Unix-socket connections?
I can confirm that I do get the popup when starting an installed postmaster with the default settings. Given that this doesn't affect "make check" anymore, I'm unsure about this patch. There is a lot of magic in the configure change. I don't know what to pass as the configure option argument, so can't really evaluate that. I'd like to see an explanation for what is done there. I'm afraid there is security ridicule potential. We are essentially adding an option to patch out an operating system security feature that the user chose. Some might find that neat and ship binaries built that way. Because it's "--with-codesign" and not "--with-codesign-for-devel-dont-use-in-production". Have we dug deep enough into the firewall configuration to evaluate other options? Can we, for example, exclude a port range? I could see adding this as a contrib script if we don't find a better way. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
